Topic: BC Vault hardware wallet - is this a reasonable answer to a question? (Read 1488 times)

Sorry, no more security related details will be provided. As said, good luck with your mission though!

Thanks for replying!
This thing is becoming interesting to me, because if i am not successful, my funds will be locked forever, so, no chance to fail here.

I think that you are right for looking for security in your device, this is the thing we want when we look for hardware wallets. But, i also think that open source is not the problem. The real question on open sourcing things is the way you do it. There are a lot of open source and secure things, like bitcoin itself, linux, and so much on. The problem is how you deal with people involved with your business. Wouldn't be great if we, the community, help you make BCVault even more secure then it is? Someone, maybe not me, WILL sooner or later decrypt the file, or hack the device. I just think that BCVault should be involved on this in a responsible and secure disclosure, not to get caught by surprise.

It is a great start to us to hear from you that this is an AES-256 secured device, but also, you mention you implemented security mechanisms. Which of the seven AES operation modes did you used? ECB, CBC, CTR, PCBC, CFB, OFB or GCM? How the password and PIN are hashed to form the key, is it an known hashing function?

Hope you get involved and hear to us, your actual, and possible clients.

No, it's not, don't spread lies and act smart.
There is no bit of open source, bit of closed source, don't mix apples and oranges.
Bc vault github is only for their wallet provider and for javascript API for integrating BC-Vault, not a single line of code regarding firmware or anything else.
I can also create fake Bitcoin code that is also open source, but nobody will use that, except maybe people who don't use their brain.
https://github.com/bc-vault

A lot of their code is open source. Trezor also had same issues with fake devices due to open source (source: https://blog.trezor.io/psa-non-genuine-trezor-devices-979b64e359a7?gi=17785e898fa5)

Fake Ledgers: https://www.google.com/amp/s/www.forbes.com/sites/leemathews/2021/06/18/cybercrooks-are-mailing-users-fake-ledger-devices-to-steal-their-cryptocurrency/amp/

Well there is a lot of options and you always choose what you think is good for you! Diversity and competition drives the development and improvement.

Ledger is NOT open source same as bc vault so I don't know why you would mention this in same content.
Much greater danger is coming from hardware wallets with closed source code with potentially hidden and dormant backdoors that can stay asleep for years before activation.
If federal agents can wait 3 years and create anom phones, I don't see why doing the same for hardware wallets would be any trouble for them.

Good luck Nice effort, but looong loong way from success.

We implemented proprietary security mechanisms (using standard aes256 of course) and thus we do not provide any shortcuts.

Sole purpose of any crypto wallet is to NOT MAKE IT EASY to even try to approach brute forcing….latest example of this is Ledger users receiving FAKE LEDGERS with changed software etc..sad but true. Open source is two edge sword and one edge is hackers exploiting it.

I wish you luck with trying the passwords.

Hey guys, i am trying to solve this question in this github repo:
https://github.com/eliaspoliceno/decrypt-bcvault

I think BCVault is a great device, but i also think that sending backup files to anyone is not a secure thing to do.
So i am trying to decrypt it by myself.

Maybe could help us a bit? Or even play a hot and cold game guiding us?
I know all the info in this brand new device, global and wallet pass and pin. I need to know now:

• Which algorithm to use, in which mode, and where to find the extra parameters? Is it an AES-256 CBC as i am suspecting?
• After decrypting the outer block, where the innner block starts? Is it the same algorithm, same mode, in the same way to find parameters?
• Finally, after decrypting, how can i read back the private key from the resulting byte array?

Hope to be successful!

Ok, I'm doing this, but it hasn't been easy days, it's my economics of life  and father in my wallet , and i know that i'm responsible for this situation, but i hopely expect that BC Vault team help me.

Please contact [email protected]

You will have to get it right, this is the sole purpose of the device - protect private keys and allow access only with correct credentials.

Hello There,

Its my firs time here posting message, nice to meet all there.

I´m in a big real trouble and if i´m in a wrong place, tell me where i must go...

I have BC Vault with 2 Wallets, but i wrote my Wallet Password / Pin from Wallet 2 wrong in a paper.

Global Password - Ok
Global PIN - Ok
Wallet Password or Wallet PIN [Wrong]

What alternatives i have in this situation? Somebody has some experience / solution for this?

It´s possible i´m write some program to try passwords by combination and try automatically ?

Indeed!

Bounty wallet of 1BTC (Actually 1.17) is preloaded on every unit, it is exactly the same as every wallet you create. You hack it, it is yours!

BC Vault did independent security audit (including architecture, hardware, sources!): https://bc-vault.com/2020/05/bc-vault-completes-security-assessment-by-siq/

You can also always export RAW PRIVATE KEYS (our infrastructure NOT needed): https://support.bc-vault.com/a/solutions/articles/43000543089

Did you know that every purchased BC Vault hardware wallet is shipped with pre-loaded 1 Bitcoin?
Yes, if you order their hardware wallet you will get device with privatekey and 1 Bitcoin worth 50k at this time, BUT there is a catch and you could claim it only if you break their encryption.
This is also available for everyone to see on their website:
https://bc-vault.com/
archive: https://archive.vn/iXT6N

Bad thing about this wallet is that everything is closed source but they say they will release it as open source if they go bust  
https://github.com/bc-vault

Hey all!

As promised BC Vault did complete hardware certifications, radio certifications and of course the most important thing complete security assessment (software+firmware+services - architecture review, SW+HW pentest, Source code review) review by independent external organisation - SIQ (TÜV in Slovenia, responsible for all worldwide standard certifications - CE, EMC, RoHS...).

https://bc-vault.com/2020/05/bc-vault-completes-security-assessment-by-siq/
https://bc-vault.com/2020/04/bc-vault-successfully-completed-conformity-certificate/

Excellent, looking forward to read the audit!

Yes, wallet is already undergoing testing, but this things take a lot of time. So once they will be made, we will of course publish them!

Thank you, sure planning to do so. Are there any independent audits of your Wallet that will be released in the near future?

Hey!

Thank you for your support, we sure hope you will become a user in the future. Yes there is a code available, that is valid up to end of the year in our shop: "christmas10bcvault" Expiry date 2019-12-31.

I am glad that you incorporated exportation of the seed, as I was very interested in your wallet but hesitant due to the seeds being ”locked” to the BC Vault. Will there be a christmas discount?

Thank you for raising the concerns and I hope we did provide you with proper answers!

I am the original poster of the question on this forum. Thanks for listening to us alien2108 and for your responses. I will follow your progress with your vault. Unfortunately this time I went with a different vendor, but I still really like your product. I hope you become a big comptetitor to the other devices out there.

Additionally we released the Aluminum versions of BC Vault and since it is Black Friday today, special price is also available!

P2WPKH support also added!

Version 1.3.2 with private key reveal was just released!

See this KB Article on support page!

Hello all!

As I promised, we did listen to your input and implemented the export private key in a way, that we feel is safe enough for the user to do it in a way, where the exposure risk is at minimal. Following is the procedure:

- BC Vault has to be booted in special mode for private key reveal to work (you hold down a key when you plug it in)

- Advanced mode has to be enabled in the application

- You will then see "Reveal private key" option by each wallet (small red key icon on the right):


- Once you choose to reveal the private key, your wallet will be marked "Not secure" forever. Same as we already have for all imported wallets (we already did support import of private keys, as mentioned)

- You will then confirm the reveal on the device itself:


- Finally you get "your precious one":


Displaying the private key on the device insures (as opposed in the application), that the key still was not exposed on anything connected to the internet. It is now your choice to either write it down, take a picture on film, etch it on glass with Daguerreotype...or simply trust your phone camera and take a digital picture (careful!)

And they say big display is not so important?

Public release is scheduled for next minor release of application+fw (very soon).

They could covert WIF back to raw and import that.

But we will support WIF import in next release (it actually is supported already in libraries, but GUI is filtering out the "invalid" chars).

Those users will not be exporting private key anyway If you come in situation where you really need "barebones" private key, best way is to export it raw. WIF might become WIFv2 or exWif or whatever standard the future will bring, but raw private key stays the same forever. So to be able to be future proof, raw is the way to go in my opinion.

We might add WIF as option for BTC as you suggested, but this will not be implemented right away.

That wont do, most users don't know how to convert private key to WIF, some don't want to use converters or tools to convert it to WIF.
Lastly, almost all (Bitcoin) clients do not support non-WIF private keys.

1. It's shorter and the identical characters are omitted, so it's still "cool".
2. Why don't you just add an option/default option to convert prv key to WIF for coins like BTC? The conversion isn't that complicated.

We considered that, but we will not do WIF. Why?

- WIF is only usable for BTC, EOS (and for EOS you can not include both private keys)
- It is case sensitive which is not "cool" for manual operations

If you get raw private key, you can always do whatever you want to it...Like convert to WIF if you want to.

I had a lengthy discussion with out team and I do think we came to a very good solution for possible export of private keys in a way, where user will not be compromised even if procedure is initialised on a compromised desktop. Such wallets will also be marked as insecure - we already mark all imported wallets as such!

BTW!!!! TI forgot to mention, that if you want to use known private key wallets on BC Vault right now, you CAN! Simply generate private keys somewhere safe (well actually you need 64 chars, x2 for EOS) and use "Import wallet". This way, you will have all the wallets on BC Vault, which private keys you have. You just have to be extra carefull on where you generated them.

Stay tuned for more soon!

We do not try to evolve new encryption algorithms, nor do we have a plan to do so This is really very very very complex stuff that is more in the field of mathematics than IT.

Google Authenticator is not really about encryption, it's more about TOTP (Time-based One-time Password Algorithm) - it's time based authentication process, but I am really glad you mentioned it. Millions use it for sensitive stuff as 2FA for crypto exchange logins and similar, but did you know Google Authenticator is NOT open source (it was sometimes)? (Source: https://lwn.net/Articles/581086/).

Thank you for your thoughts.

As I said, you will not have to wait for us to go bankrupt for access to your private keys! Once we find a proper way we feel comfortable with in regards to all aspect of security, we will allow private key export!

I'm going to leave a quote from Satoshi (can't find the exact source tough):

It's not even about trusting the fact that you did a good job... I don't know you, but you're probably a lot smarter than me (I must honestly say I wouldn't have a clue as to where I should start when creating a hw wallet). It's all about the fact we should not have to trust your word when you tell us you created a propriatory algo to derive keys, or when you tell us you used community standards to encrypt backups.... Bitcoin's community is trustless,  we want to verify (or at least have a Dev we know verify the code).

But, I feel we'll never agree, so I wish you the best of luck with your company, and j hope you take the feedback you received to heart when you make decisions for your future products.... But in the end, it's between you and your customers. I just hope you'll stick to your word and release your decryption tool if you ever go bankrupt...

We use standard crypto algorithms considered most secure by todays standards, so no worries here. You can NOT decrypt backups without global pin, password pin, wallet pin, wallet password! So again no worries here! You run up the wrong alley...we did not “invent” some uber encryption algorithm and just use it. Those things are tricky and we are not playing with fire.

It is just a couple of really good ideas on how to make life of potential attacker really hard that we do not want to divulge straight away.

All this put aside, every single BC Vault includes Bounty Wallet with more than 1 BTC. You can somehow crack it, it’s yours. Up to today, money is still there. So we dare to put money where our mouth is.

I don't want to get dragged into this discussion, but the direction it's taking more or less forces me to post...

You tell us you might not release the decryption tool because it would allow somebody with access to a lot of resources to reverse engineer your tool and use the knowledge to decrypt somebody's backup.
This is a valid concern, but this kind of tought pattern comes at a price: if you don't release the source code of a working decryption tool, how will we ever be sure our backups are safe? For all we know, you might be encrypting the backupset using Des or rc4, or, God forbid, an algorithm you yourself created...

Delivering no, or a back box, decryption tool requires a lot of trust from the crypto community... Trust you have not yet earned...

If you are so worried about releasing a decryption tool, it makes me wonder how those backups are encrypted... If you messed up, a 3 letter agency won't need any tools released by you, they'll be able to decrypt our backups just fine... The only way for you and the community to be certain about the security of the backup encryption is if we can look into the tool's source code... Only if we see the code and it's inspected by some trusted devs will I put any trust in the tool and your product...
Open source decryption tools will make your backup safer. If weaknesses are found, the odds are much bigger they're going to be reported for a bug bounty so you can at least fix them

No worries, once we rethink how and when we will release private key export as I said! We do not want to rush such sensitive operation!

It shouldn't matter. If the data is encrypted properly, then an attacker shouldn't be able to do anything with it. The only way that this would be a problem is if they are using a weak encryption protocol.

Then why have your data backed up electronically at all? Just use BIP39, back up your words on paper, and be done with it.

But am I correct in saying I cannot decrypt my encrypted keys without your software which you refuse to release? If so, then you are arguing semantics. The whole point of a back up is that it is accessible by me when I need it to be.

Therein lies my issue. Why should you get to decide if I can extract my private keys?.
[/quote]

Actually we do not prevent you. You CAN extract your private keys, but in encrypted form (encrypted with your passwords+pins) -> backup.

As mentioned this is due to security reasons and we might add functionality to extract raw private keys in the future with a lot of warnings etc. so even the most basic user will truly understand what are security implications of such operation.

You can't do that if your hardware wallet is lost and you can't access your keys because they haven't released their back up software.

With BIP39 I can very securely restore without having to buy a new hardware wallet by using an air gapped machine and using that to sign transactions generated on a live watch only wallet.

Therein lies my issue. Why should you get to decide if I can extract my private keys?.

Finally had a time (we just released major upgrade for BC Vault - EOS, TRX, BNB, GRS...)...

HCP stands correct.
One needs another BC Vault device to restore the BC Vault backup. Contrary to BIP39, the backup includes many other things BIP39 just does not cater to, so it is not a closed-circuit system with the sole intention of protecting tradecraft, but rather to enable features other cryptocurrency hardware wallets on the market today do not offer.
It is the basic principle of security, which usually does not go hand in hand with commodity. Going back to the HSM analogy: one cannot simply mix-up data from the highest level of security-enabled devices among each other.
In case of losing/destroying/fault of the device, one will also have to buy a new HW device with Trezor, Ledger… since importing the 24 words into any software wallet renders the sole purpose of using HW wallet worthless, as one risks exposing all private keys to a perhaps “insecure” device or service.
Safely storing the seed recovery phrase entails additional cost as these usually cost more than the hardware wallets themselves.
With BC Vault, the private keys are stored in FRAM, which is less likely to break down compared to Flash used in benchmark devices.
Firmware upgrades are always done on a non-active partition to protect the device from faults during any upgrade procedures so one can rest assured not being stuck with “update” screen.
 
We have just released an update that includes:
- Support for Binance BNB on the new Binance chain (BNB as the ERC-20 token was supported by from the initial release)
- Support for EOS with stake/unstake capabilities and new account creation from within the app
- support for Tron TRX
- A previous update saw the addition of the Stellar XLM and Ripple XRP
 
As of now BC Vault still does not allow the export of private keys but we are considering all options and if we so decide, we will get back to you.
 
»It is better to debate a question without settling it than to settle a question without debating it.«

We are not talking about your hardware wallet here, but about your recovery software. You have said that if you go out of business, nobody can access their keys without your recovery software. At this point, nobody except you can even say if this software exists or not. How do we know it will decrypt and display the keys safely, and not accidentally store them in plain text in a file somewhere on our system, for example? How do we know it won't email all of our keys off to your email address? After all, by this point you will already have gone out of business, so what do you have to lose? All we can go on is your word. Hence, trust.

I can sense we will never see eye to eye on this, so we are going to have to agree to disagree, but you will never convince me to trust my private key back up to the promise of some future software being released by an internet stranger.

Quick response:

What you are saying makes no sense at all. How do you think we sign the actual transactions, but with decrypted private keys?! Obviously it works.

The rest of your claim "reviewed, audited, and tested" does not make any sense for any non open source software. I explained our reasons for not open sourcing up to this point. You might agree with them or not, but let's not repeat same thing over and over again.

I would also encourage a user to have more than one hardware wallet, particularly from different companies in case there is a critical bug or vulnerability in one which makes it unsafe to use. There is little point, however, in having hardware wallets which are completely incompatible with each other. BC Vault can't be used as a back up for another hardware wallet, and other hardware wallets can't be used to back up a BC Vault. I don't see the benefit at all of having two BC Vaults over one Ledger and one Trezor, for example.

I have no issues with encrypted back ups, but the whole point of a back up is that you can access it when you need to in an emergency. Currently, the only way to access your BC Vault back up is to by another device and wait several days for delivery, which is far less optimal than near instant access of BIP39 back ups, as HCP has pointed out.

We also have no idea if their recovery software works, is safe, is secure, or even exists, because they refuse to release it. As I said above, one of the founding principles of bitcoin is to be trustless. This wallet, currently, requires a lot more trust than any other major hardware wallet.

If they released their recovery software so it could be reviewed, audited, and tested, and it worked as advertised, then it would be a different story. You could now extract your private keys and import them in to another wallet as required, and would no longer be trusting a third party's promise to let you have access to your private keys.

I think the point is... that once you use a BC Vault, you are essentially "locked in" to the BC Vault. As the OP asked and BC Vault confirmed, the backups can only be used by another BC Vault device.

There is (currently) no way to be able to recover your funds without a BC Vault device as BC Vault are not willing to release their recovery software at this time. This means, should your device be lost/damaged/stolen... you have no access to your funds, until you are able to get your hands on another device. In event that "the company stops trading", they have promised to release the recovery software.

Compared with other BIP39 compatible hardware wallets that can be recovered using any other BIP39 compatible hardware or software wallet.


As BC Vault have mentioned, users are free to make their own choices, but they should know all the facts so they can make an informed choice.

I see your point, but I am not sure I agree. Open-source can be perceived as an affirmation, but sadly it can be a liability that turns out to be a fatal flaw.

I suppose you prefer Trezor, since Ledger is not open-source.
Trezor’s vulnerabilities were exposed by “wallet.fail” (without responsible disclosure) and later by the competitor: Ledger. Even before that Trezor had to deal with non-genuine devices. A lot of trouble arose not exclusively but also because of open-source. Had anyone been able to do the same with the BC Vault, they would at least walk away with the 1 BTC Bounty Wallet.

Let’s leave sophisticated "evil maid" attacks aside and focus on the undeniably biggest danger when dealing with cryptocurrency hardware wallets: irrevocable user mistake. BC Vault displays all the important transaction details on the screen: full from & to addresses, sent amount and fees. The device also shows warnings about unusually high fees. That should save users most of the trouble and prevent many irreversible mistakes.

Again, obviously we know how to decrypt data, otherwise the product would not work at all. Internal development, test tools used for debugging already do everything needed to manually extract private keys and therefore "can it be done" discussion is entirely redundant.

You are entitled to and can always choose not to believe that we would release such a tool, if needed. Had it come to the point where BC Vault would shut down, we certainly would not want to be evil and would do the right thing to prevent possible losses of users' funds.

I already mentioned we might release the export private key function in the software after thorough consideration of all the implications of such action. Right now a potential attacker has no means of remotely extracting private keys in any way. It is simply not doable.

Besides, you can use our API and submit a transaction prepared for signing and get the signed transaction back if you want to have total control over everything else. This is exactly how HSM works and you can do that with our device connected to a computer without needing an Internet connection.

I appreciate the Lehman Brothers example, but I hope we at least agree that their clients and their savings were not high on Lehmans’ priority list and the advent of cryptocurrencies coincides with the loathing of the banking establishment and their modus operandi. We are in the same boat here.

I believe you might be focusing too much on something you may never need (export of private keys) and by that you are putting yourself in a greater danger as you would be by using BC Vault.

Fiat isn't designed to be trustless. Bitcoin is. Why would I want to introduce unnecessary trust in to bitcoin?

Companies go bust, scam, fold, shut down, disappear, all the time. An awful lot of people trusted Lehman Brothers with their money. They had been around for 150+ years. Didn't stop them collapsing.

So again, we will just have to take on your word on that one?

Ok, so I delete my wallet file and burn the words. It can never be restored. It is deleted.

There is quite a big different between trusting an open source program which you can review and compile the code yourself and a program that the developer promises exists but won't actually release.

You completely ignored every single bit of provided information.

Any kind of HW/SW device involves trust on some layer. I assume you do not use ATM's since somebody did not give you source code and HW walkthrough.
Obviously 17 years old company that works in IT security means nothing to you.

No. We use different methods that make it much more difficult for potential attacker, why would we provide any shortcut.


You are completely denying the truth. Do not mix companies that tried with one single product and failed with us please. I already explained who/what we are.

Nobody said you do not have to use BIP39. Whatever you feel like.

Not true. You can NEVER delete a wallet from BIP39 tree, you can only "hide" it. It will always be restored once you use your words and it will forever be linked to that words.

You are not your own bank and you will always have to trust 3rd party. The one that made your computer, your OS, your apps, disk drive, ram,  the firmware in all mentioned GW, the chips in all of mentioned HW, the crypto exchange, the person you are buying/selling to something....I/We have our fair share of knowledge about things with proven record.

It's your right to choose whatever you want to use, but please stop making accusations and assumptions that are simply wrong. There is quite a lot of reviews out there about our wallet including very reputable sites, that prove you wrong on all aspects.

TL;DR: Trust me.

No thanks.

We don't know that it works, because you won't release it, so it can't be tested. So we have to trust you on that. Also, just because it exists (if we trust you on that), doesn't mean you will release it. So you are asking for trust again.

So are you saying you are using your own encryption method which is vulnerable to attack?

Having "much to lose" doesn't mean you can't do it. Much bigger projects than you in the crypto space have "shut down", disappeared, exit scammed, and so forth. Again, asking for us to trust you on your word.

So use a couple of passphrases. Problem solved.

What are you talking about? BIP39 can generate as many wallets or addresses as you want, and I can delete my wallet files just as well as you can.

The whole point of "being your own bank" is so you don't have to trust a third party. Your wallet, as it stands, requires a lot of trust. You also don't seem to understand BIP39, and have tried to address problems which don't exist.

No thanks.

I have carefully read your comments on BC Vault and while I see your concerns, I would like to offer further explanation and paint the whole picture.

DISCLAIMER: I am the CTO of BC Vault. Everything written below is not a “promotion” as some assume immediately when one talks about anything else but Ledger or Trezor. This is my personal view on reservations some users voiced in the forum, and also an invitation to further discussion.

As always, everything is a two-edged sword and I would like to start off by addressing your doubts.
You can be absolutely sure we can release a decoding app for private keys if needed, as it is obviously encoded in the product and it works. We haven’t released it yet as it would be a shortcut for hackers to understand how our encryption and everything else works. This is a drawback to open-source that many vendors acknowledge (Ledger is NOT open-source) and others suffer from (Trezor counterfeits). Shortcuts are bad in security.

Let me give you a real-world example of what we have been dealing with for nearly two decades. REAL security www.real-sec.com is a 17-year old company that only works in the field of IT security. In this period, we have amassed experience and knowledge needed for the creation of BC Vault. We deal with the biggest IT security projects in the region of Central/South/East Europe. Our clients are banks, telcos, governments, state agencies, etc. and thus we have also been dealing with something called HSM (Hardware Security Module) for a long time. HSM is a predecessor of crypto wallets. It is usually used to securely store private key of certificates (PKI) and it “spits out” signed data. We are talking about equipment used by practically all banks, all PKI issuing agencies.

One can hardly find any HSM vendor releasing decoding apps, source code. A crypto currency hardware wallet is essentially an HSM (explained in simple terms). Does one have access to the source of banking software? No. Can the banks be trusted they will not take your money? No, as many that lost money in 2008 can confirm. But does our company have ANY reason not to release decoding utility for BC Vault private keys if needed? No, it does not. As I mentioned, we are a company that has been doing other things in the field of IT security for 17 years (as compared to almost all crypto wallet startups that have ZERO company history in the said field). We cannot simply “shut down” the BC Vault operation and disappear into thin air. Our reputation in the primary field of business would be irreversibly damaged and we have much to lose. What I am trying to say is that we are not a startup that simply played a card and can give up at a certain point and say “we tried”. Even if we had to shut down the project, we would have to do it properly.

On the other hand, by using BIP39 you have a huge security issue: all wallets are linked. Once somebody acquires your 24 words, ALL your wallets (even the future ones) are compromised and you might not even know. The attacker will strike only after there is a substantial amount on the wallets. You will never know what hit you. Also, BIP39 only caters for private key and nothing else. You lose everything else, such as wallet names, etc. Those words are all the attacker needs, and wallets using BIP39 come with the additional cost of seed recovery phrase protection.

With BC Vault, the attacker needs global pin + global password, and each wallet’s pin + wallet password AND BACKUP! The last AND is VERY important. If the attacker remotely compromises all your systems and steals all pins and passwords, they still can do nothing without the backup of your BC Vault. The backup must be physically confirmed on the device, so there is no way for them to make it without you confirming it.

In regards to being “anonymous” in crypto world, with BC Vault you can generate practically unlimited number of wallets and delete them whenever you wish to do so. This is something BIP39 prevents you to do. Furthermore, not many people expressed concerns of Ledger using unique certificate on their devices. Each Ledger device uses its own signed certificate in secure element to authenticate towards central server. You do know what that means or at least has the potential to do.
Besides security, we have not neglected and have strongly emphasized anonymity. The word “crypto” means hidden and it was the one aspect where we were not willing to make compromises.

To come back to the HSM story and again draw the parallels, most of the HSM installations DO NOT allow the export of private keys. This also means one cannot replace the device without a lot of hassle. But since the primary mission of HSM is secure storage of private keys without means of extracting them from the device, this is what customers actually look and pay a lot of money for. All they want is assurance that they have a secure means of backup/redundancy in case a device fault occurs.

Basically, it all comes down to what is your priority and belief. If you have decided that we are the "bad guys", well it's your right, but rethink your position and try to come up with a reason why you think so.

BC Vault has been made to be DIFFERENT and BETTER. We did not just take Trezor’s open-source code, designed a new housing, changed a few minor bits and called it the greatest thing since bread came sliced. We did everything different from ground up with a reason because we believe it can be done better for the benefit of the user, based on our experience in the field of IT security. We dared to take another path (contrary to BIP39) and we still strongly believe in it.

We might even release "export private key" per wallet functionality at some point in the future (and then mark any such wallet insecure), but that needs a lot of rethinking and considering every security implication. There is absolutely nothing that would prevent us from doing something like that, but the care for the security of the user and their funds.

There are three ways of making money in this cynical business: one can be first, one can be better, or one can cheat. We respect those that were first, we strive to be better, and we certainly don’t like cheating and shortcuts.


I encourage everyone to read our latest review:
https://pheeva.com/bitcoin/wallets/bc-vault-comparison/
…and join the conversation.

Great responses, thanks all. Much appreciated. Lots of info and terms here that are new to me, so much to google and read up on.

BC Vault is definitely a no-go.

Thanks.

Honestly... in my opinion, that is unacceptable.

That recovery application needs to be released now... so that users can actually test it and make sure it works and feel comfortable knowing that they can retrieve their keys should something happen. Rather than relying on some vague promise. As it stands now, if your device gets lost/stolen/damaged, then currently your only option is to purchase another BC Vault, wait for it to be delivered, then restore your backup.

I would not feel comfortable with that arrangement. One of the great things about Ledger and Trezor using BIP39 standards is that, in an emergency situation, you can quickly restore your wallet into another wallet and access your funds. It's also easy to verify that this all works by creating a test seed and testing it when you first receive the device etc.

One wonders if their reluctance to release the recovery application is to generate extra sales in the event of lost/damaged/stolen devices... or if they are concerned that there is some sort of flaw in the design that would be revealed by the app?

Not to me, no.  What you wrote would be an awful way to promote a hardware wallet.

I never heard of the BC Vault, so I'll have to google it or something, but it certainly doesn't sound secure at all if you're relying on the manufacturer to implement an upgrade in order to have complete control of your keys if they go out of business.  That's a huge red flag in my eyes, and since there are already very good hardware wallets on the market I'm not sure why you'd go with one that sketchy.  Yikes.

Never used a Trezor, but I definitely agree with you about the Ledger.  I'd go with that over the thing OP mentioned any day.

I wouldn't regard THIS as a 'only in the movie' attack.


The recent extraction of sensitive information via sidechannel attack on the power consumption on the screen seems like a very improbable ('move'-) attack.
But stealing a hardware wallet and simply extracting the seed with a tool isn't too 'movie-like'.

When in possession of the tool, that's even more easy to accomplish than a 5$ wrench attack. All you need is physical access to the hardware wallet.

One of those "only in the movies" attack. The chances, for now, that someone break into my house, find my hardware wallet and knows how to do this attack are minimum. But anyway, anyone with a Trezor should really be using a passphrase...

Maybe in future we should be more worried about these kind of attacks. As adoption grow, common thieves (and not only hackers) will discover that stealing hardware wallets is lucrative.

Certainly when that time comes we will all need to replace our hardware wallets for new ones which would be more robust against physical attacks, which are not something to worry right now.

You don't gain any advantage in anonymity/privacy when using non-deterministic wallets compared to deterministic ones.




You'd either need the device itself or the master public key to do that.
If you never enter your xpub into a software or post it online, the only way would be to have access to the device.

And if you have access to the device, it doesn't matter whether it is a deterministic or non-deterministic wallet. All private keys stored can be linked to one identity.




That should be possible with all hardware wallets (thanks to bip32 / bip44).




While trezor definitely is a good choice, i'd personally prefer a ledger device. Ledger's software is open-source.
The only part which is not open source is the firmware of the secure element due to NDA's.

Convenience comes at a huge cost here. Trezor T has a big touchscreen which is certainly the most expensive part (and a microSD card slot which still doesn't have any use). Ledger is also a good choice if OP likes their security policy. It's worth pointing out that Trezor is vulnerable to seed extraction which is dangerous if one doesn't use a long passphrase.

Ledger nano s has that exact same feature and passphrase is entered  on the device (ofc, if it wasn't it wouldn't be a hardware wallet)

Personally, I don't understand why is trezor T so expensive 149 euros, while ledger nano s is only 50-60 USD

But both are excellent options and are worth the price. I don't trust any other wallet.

You can do exactly the same on Trezor and Ledger. If you don't want your family members to see your coins then you can use a passphrase which acts as a 13th or 25th word of your seed. Each family member can use their own passphrase in order to have multiple accounts separated from others. Consider buying a Trezor T. It has a big screen and allows you to enter PIN, passphrase and recover the device without having to worry whether or not your computer is infected.

There are so many good hardware wallets out there. Why buy this shitty one?

Don't have even bip39 seed ? They will maybe release an application so that I can get my keys? Is this a joke?

Would you trust your savings in a device made by people who can't do something so simple that every other wallet out here does?
Is that wallet really secure? I mean , can we be sure that the private keys will never leave the device?

I trusted ledger and trezor because they have been tested a lot. Community trusts them, and they are on the market for years.

The idea to maybe receive my keys is just ridiculous.
Stay away and buy a real hardware wallet: trezor or ledger.

If you already have one bc vault, just remove your coins from it and buy another wallet. Ledger is very cheap, and you will have peace that you will never lose your coins.

I have never heard of BC Vault, and by default, I recommend not buying HW wallets from unknown companies.

They are promising to release a tool to recover your private keys if they go out of business. There is no guarantee they will follow through on their promise, and they will receive no reputational harm if they fail to do so because they will be out of business. Unless they currently have a means of recovering your private keys, I would assume a tool will never exist.

Yeah, that's a shame, I liked that wallet a lot. No, I'm not the owner or in any way affiliated with them, just a regular Joe.


Does it seem likely that I would promote this company in some way by posting about what I found to be a negative? I don't think so. Yes, I really did create an account here to post a response to a question that I asked them... I don't get why you would think there's anything dishonest about this? Why would you create an account other than to ask a question or contribute? I'm relatively new to this and after googling and researching as best I could, I could find no definitive answer as to whether this was a deal breaker or whether I was misunderstanding, so figured there would be someone here that was far more knowledgable than me. Reasonable?


Yes, my thought exactly!


Think you can enter it on the device itself, there's a screen and a Dpad thing.

I didn't go into detail as it seems already Mocacinno thinks I'm promoting the device... I'm not. I think the key thing for me was the anonymity/privacy of non-deterministic wallets. My understanding of the other typical wallets is that they're deterministic meaning that it is possible to relate the wallets held on the physical hardware back to one another somehow. I watched a video where Andreas Antonopoulos explained it. The other thing I liked was that you can have multiple accounts (vaults?) on it to kinda segregate the wallets, allowing other people (in my case family members) to store their coins on it also.

I think of the other two viable (large companies, well known) options to my knowledge, are Ledger and Trezor, I think the option I'll likely opt for is Trezor, I get a warmer feeling from its open source nature than I do from Ledger.

If you have other recommendations, I'm all ears.

Thanks for responding :-)

My first tought: are you the owner of bc vault or being payed to promote them? I mean, did you really register an account on bitcointalk to give an answer to a question nobody has asked (AFAIK)

My second tought: i'd never jump in and buy an unknown hardware wallet, when there are several community-vetted existing alternatives that do the job quite well.

I used google to research this wallet, and other than the fact they claim to be the only one that offers secure backups, i don't see anything worth risking my coins over. And i wonder: why would you even make backups... Other wallets use a seed phrase which can be extended with a custom password in case your seed phrase gets discovered, this seed can be used to restore your wallet... usually you can just use a compatible software wallet in case the company goes out of business. At first sight it seems bc vault does not use this existing, community vetted, technology, so it actually needs you to make backups. To me, it seems they fixed a problem they created themselfs, then brag about the fact they fixed the problem...

It is risky. Other hardware wallets allow you or even force you to back up the mnemonic phrase they generate which is supported by many software wallets. There is no guarantee that they will release that application. How are you supposed to enter a wallet and account password on that device? Doing it on a computer is completely unsafe.


Can you elaborate on that a little bit? We might be able to recommend you a different hardware wallet.

Hi, I recently asked BC Vault a question about recovery:

Hi, if I purchase a BC Vault, and later it breaks or is stolen and I need to restore my backups (sd card/paper), presumably I can ONLY restore to another BC Vault, unlike with BIP39 seed words where I could restore to any device? I'm thinking of a situation where BC Vault goes out of business. Am I correct here or have I misunderstood the backups?

They replied and this is their response:

You are correct. We have considered this exact scenario and have prepared a decryption application for backups which can extract raw private keys from backups provided you have all the necessary information (global pin, global password, wallet pin, wallet password). We will release this application as an open source project on GitHub in the event of the business shutting down.

After quite a bit of research BC Vault would be my preferred choice for several reasons (storage types, security, volume of crytocoin types it will hold, non-deterministic wallets, family members can use it also etc), but this backup and recovery option feels risky to me.

Thoughts?